Dropzone AI nabs $16.85M for its automated breach investigation platform – Business
Dropzone AI Inc., a startup that helps cybersecurity teams more quickly investigate and remediate breaches, has raised $16.85 million in fresh funding.
The company detailed its announcement of the Series A round today that Theory Ventures was the led investor. Returning backers Decibel Partners, Pioneer Square Ventures and In-Q-Tel chipped in as well. The raise brings Dropzone AI’s total outside funding to more than $20 million.
When one of a company’s breach detection tools flags suspicious activity, cybersecurity analysts must launch an investigation to understand the scope of the incident. First, they have to determine whether the alert is a false positive or whether there was indeed a breach. If it’s the latter, the cybersecurity team must determine which systems were affected and how to fix them.
Dropzone AI says such investigations can take 40 minutes in some cases. To speed up the process, the company has developed a platform that uses artificial intelligence to automatically map out the scope of cybersecurity incidents. Dropzone AI claims its software can reduce the amount of time necessary to investigate a breach alert to as little as three minutes.
The platform collects data about breaches from a company’s firewalls, endpoint protection software and other cybersecurity systems. Dropzone AI then uses language models to assemble the collected data into incident reports. According to the company, each such report includes a natural language summary of the breach it describes along with recommendations on how to remediate it.
Dropzone AI’s algorithms also surface contextual details about cyberattacks. That context might, for example, include information on which of the systems compromised in a breach contained customer records. Cybersecurity teams can use that data to prioritize their remediation efforts.
For situations where an analyst may require more detailed information about a breach, Dropzone AI has built a chatbot into its platform. It allows users to request specific data points about a cybersecurity incident using natural language prompts. The chatbot automatically finds the systems that contain the requested information.
Some cybersecurity tools, such as Splunk’s namesake platform, feature custom query languages. When necessary, Dropzone AI’s chatbot can write queries in those languages to fetch data requested by cybersecurity teams. That speeds up the process and reduces the need for administrators to familiarize themselves with platform-specific scripting syntaxes.
“Dropzone AI gives defenders extra brainpower through AI reinforcements that tackle the routine and time-consuming tasks of investigating alerts, allowing SecOps teams to focus on the high-priority threats and projects,” said Dropzone AI founder and Chief Executive Officer Edward Wu.
Dropzone AI will use the proceeds from its Series A round to develop additional features for its platform. In conjunction, the company will expand go-to-market efforts to win over more customers. Dropzone AI is targeting both the enterprise market and managed security service providers that protect other organizations’ infrastructure on their behalf.